Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/C9C96F28915811EE87753477C4F9AE02.roa
File: C9C96F28915811EE87753477C4F9AE02.roa (raw, json)
Hash identifier: i4al0EeBPDN51VE68p+Io/0ysWqv7uzyDxQSgFqCZd4=
Subject key identifier: 76:E5:49:73:E4:47:87:36:8A:0A:95:02:7E:90:92:EF:B5:F8:B5:AE
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0565
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/C9C96F28915811EE87753477C4F9AE02.roa
Signing time: Mon 25 Dec 2023 17:25:01 +0000
ROA not before: Mon 25 Dec 2023 17:25:01 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 834
IP address blocks: 43.247.135.0/24 maxlen: 24
43.255.120.0/24 maxlen: 24
43.255.122.0/23 maxlen: 24
43.255.156.0/24 maxlen: 24
103.24.216.0/23 maxlen: 24
103.231.56.0/24 maxlen: 24
103.231.58.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Dec 2023 13:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1381 (0x565)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Dec 25 17:25:01 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6589baec-c4c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:33:3f:ff:68:89:ff:e1:b0:57:ec:fc:28:d9:
30:3d:c0:e4:99:c0:5e:59:87:fd:41:62:5d:51:d8:
71:83:1a:0f:e1:e0:43:9c:d3:4d:7b:95:d2:fa:06:
14:15:98:2e:23:c9:8a:f8:18:48:aa:10:89:da:f2:
fa:f2:97:a9:a9:72:70:67:a2:11:68:85:30:0e:64:
cf:53:40:14:0b:54:c1:7a:fd:25:2c:b8:8e:f4:9a:
25:ff:e1:47:b2:f4:da:44:b8:18:d9:18:2e:ba:63:
55:fa:ba:93:f2:e3:4a:34:9a:66:44:2d:80:57:9f:
02:2c:ee:18:dd:b6:03:90:91:e3:ff:9f:ba:3f:ee:
65:7b:dd:53:a1:29:6e:1f:8e:c1:71:cf:00:ae:ce:
25:52:8c:a1:af:65:96:4f:f4:7c:ce:c1:33:09:86:
8d:20:ba:9e:f0:1e:a4:9c:40:3b:fd:2e:57:9d:d1:
ed:51:6a:ab:88:9e:8a:4b:29:eb:8d:a6:cf:63:83:
ab:4f:a7:aa:13:6a:38:46:9f:52:db:f7:b3:20:dd:
b0:47:3d:c3:41:87:ec:2c:3c:ec:fa:d6:6e:53:65:
49:60:f0:94:1c:44:ae:59:e4:b7:10:99:51:82:3c:
3f:12:5b:7f:9a:04:8b:ad:1c:1c:b8:de:bd:75:82:
04:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E5:49:73:E4:47:87:36:8A:0A:95:02:7E:90:92:EF:B5:F8:B5:AE
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/C9C96F28915811EE87753477C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.135.0/24
43.255.120.0/24
43.255.122.0/23
43.255.156.0/24
103.24.216.0/23
103.231.56.0/24
103.231.58.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:9b:db:38:77:ca:82:72:ef:a9:e7:40:d7:0a:ed:6b:47:01:
89:f1:74:7d:3d:4f:ce:d0:53:bc:88:14:5e:7a:e8:5c:d7:90:
b7:25:69:7b:45:58:9a:a2:65:36:6a:f2:57:c2:26:aa:7f:76:
20:67:cd:af:47:50:5b:12:c6:fb:6d:81:0a:d4:8f:23:f1:6a:
08:6f:82:f6:58:c4:d7:8a:7e:d7:9b:76:90:4e:ec:93:7a:67:
e5:d9:3b:60:c3:4e:94:ed:1f:3e:40:bc:25:46:24:82:72:c6:
03:0b:30:5b:fb:08:77:a7:cb:bd:f8:9b:ee:cf:36:ba:91:2a:
7e:e3:f8:6e:a1:1f:eb:d3:f7:92:c0:43:60:d6:70:0e:70:cf:
5a:b8:48:dd:2f:85:f1:82:dc:63:3e:97:e9:76:e9:0a:40:66:
0e:43:16:28:b0:88:d4:67:88:4d:e9:8c:54:2f:90:fc:94:31:
a1:6f:78:32:d7:f1:9b:bb:f5:22:d3:eb:c9:77:5a:c2:7f:ce:
4d:73:18:5c:dc:90:4e:22:c8:2c:da:e2:af:47:ec:ee:51:2d:
4e:5a:70:48:f6:66:e3:35:56:f9:92:1f:f1:09:83:78:1e:e8:
7a:4b:bc:d5:8b:e5:b4:c1:33:9a:85:1b:a8:32:46:cc:91:39:
9f:a4:5b:c8
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICBWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMxMjI1MTcyNTAxWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTg5YmFlYy1jNGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAujM//2iJ/+GwV+z8KNkwPcDkmcBeWYf9QWJdUdhxgxoP4eBDnNNNe5XS+gYU
FZguI8mK+BhIqhCJ2vL68pepqXJwZ6IRaIUwDmTPU0AUC1TBev0lLLiO9Jol/+FH
svTaRLgY2RguumNV+rqT8uNKNJpmRC2AV58CLO4Y3bYDkJHj/5+6P+5le91ToSlu
H47Bcc8Ars4lUoyhr2WWT/R8zsEzCYaNILqe8B6knEA7/S5XndHtUWqriJ6KSynr
jabPY4OrT6eqE2o4Rp9S2/ezIN2wRz3DQYfsLDzs+tZuU2VJYPCUHESuWeS3EJlR
gjw/Elt/mgSLrRwcuN69dYIEmwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFHblSXPk
R4c2igqVAn6Qku+1+LWuMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvQzlDOTZGMjg5
MTU4MTFFRTg3NzUzNDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAAr94cDBAAr/3gDBAEr/3oDBAAr/5wDBAFnGNgDBABn5zgD
BAFn5zowDQYJKoZIhvcNAQELBQADggEBABub2zh3yoJy76nnQNcK7WtHAYnxdH09
T87QU7yIFF566FzXkLclaXtFWJqiZTZq8lfCJqp/diBnza9HUFsSxvttgQrUjyPx
aghvgvZYxNeKftebdpBO7JN6Z+XZO2DDTpTtHz5AvCVGJIJyxgMLMFv7CHeny734
m+7PNrqRKn7j+G6hH+vT95LAQ2DWcA5wz1q4SN0vhfGC3GM+l+l26QpAZg5DFiiw
iNRniE3pjFQvkPyUMaFveDLX8Zu79SLT68l3WsJ/zk1zGFzckE4iyCza4q9H7O5R
LU5acEj2ZuM1VvmSH/EJg3ge6HpLvNWL5bTBM5qFG6gyRsyROZ+kW8g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org